37 vulnerabilidades identificadas em 4 Open-Source Softwares VNC

37 vulnerabilidades identificadas em 4 Open-Source Softwares VNC.

Os investigadores encontraram 37 vulnerabilidades em quatro apps populares VNC open-source existentes desde 1999. Essas vulnerabilidades permitem que os atacantes comprometam os sistemas de destino remotamente.

De acordo com a análise da Kaspersky, mais de 600.000 servidores VNC estão acessiveis na Internet, resultados obtidos via Shodan.

37 vulnerability discovered with four VNC components that include ten in LibVNC, four in TightVNC 1.X, one in TurboVNC and 22 in UltraVNC.

As aplicações VNC estão disponíveis nas versões gratuita e comercial e são compatíveis com sistemas operativos como Windows, Linux, macOS e Android.

Os investigadores da Kaspersky encontraram vulnerabilidades nos componentes do servidor e do cliente, vinculadas ao uso incorreto da memória, o que leva ao mau funcionamento e à negação de serviço.

Em alguns casos extensos, as vulnerabilidades permitem que os atacantes obtenham acesso não autorizado ao dispositivo ou implantem malware na máquina vítima.

Os vetores de ataque são os seguintes:

An attacker is on the same network with the VNC server and attacks it to gain the ability to execute code on the server with the server’s privileges.
A user connects to an attacker’s ‘server’ using a VNC client and the attacker exploits vulnerabilities in the client to attack the user and execute code on the user’s machine.

The bugs have been reported to the developers and most of them have been fixed already, except TightVNC 1.x which was no longer supported. Developers recommended using TightVNC 2.X versions.

Os investigadores recomendaram monitorizar os programas de acesso remoto da infraestrutura, verificar os dispositivos ligados remotamente e recomendam também o uso de palavras-passe fortes.

Pedro Tavares

Pedro Tavares is a professional in the field of information security working as an Ethical Hacker/Pentester, Malware Researcher and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.

In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, exploitation, hacking, IoT and security in Active Directory networks. He is also Freelance Writer (Infosec. Resources Institute and Cyber Defense Magazine) and developer of the 0xSI_f33d – a feed that compiles phishing and malware campaigns targeting Portuguese citizens.